/*===========================================================================*
* do_safememset *
*===========================================================================*/
int do_safememset(struct proc *caller, message *m_ptr) {
/* Implementation of the do_safememset() kernel call */
/* Extract parameters */
endpoint_t dst_endpt = m_ptr->SMS_DST;
endpoint_t caller_endpt = caller->p_endpoint;
cp_grant_id_t grantid = m_ptr->SMS_GID;
vir_bytes g_offset = m_ptr->SMS_OFFSET;
int pattern = m_ptr->SMS_PATTERN;
size_t len = (size_t)m_ptr->SMS_BYTES;
struct proc *dst_p;
endpoint_t new_granter;
static vir_bytes v_offset;
int r;
if (dst_endpt == NONE || caller_endpt == NONE)
return EFAULT;
if (!(dst_p = endpoint_lookup(dst_endpt)))
return EINVAL;
if (!(priv(dst_p) && priv(dst_p)->s_grant_table)) {
printf("safememset: dst %d has no grant table\n", dst_endpt);
return EINVAL;
}
/* Verify permission exists, memset always requires CPF_WRITE */
r = verify_grant(dst_endpt, caller_endpt, grantid, len, CPF_WRITE,
g_offset, &v_offset, &new_granter);
if (r != OK) {
printf("safememset: grant %d verify failed %d", grantid, r);
return r;
}
return vm_memset(caller, new_granter, v_offset, pattern, len);
}
/*==========================================================================*
* do_umap_remote *
*==========================================================================*/
int do_umap_remote(struct proc * caller, message * m_ptr)
{
/* Map virtual address to physical, for non-kernel processes. */
int seg_type = m_ptr->CP_SRC_SPACE & SEGMENT_TYPE;
int seg_index = m_ptr->CP_SRC_SPACE & SEGMENT_INDEX;
vir_bytes offset = m_ptr->CP_SRC_ADDR;
int count = m_ptr->CP_NR_BYTES;
int endpt = (int) m_ptr->CP_SRC_ENDPT;
endpoint_t grantee = (endpoint_t) m_ptr->CP_DST_ENDPT;
int proc_nr, proc_nr_grantee;
int naughty = 0;
phys_bytes phys_addr = 0, lin_addr = 0;
struct proc *targetpr;
/* Verify process number. */
if (endpt == SELF)
proc_nr = _ENDPOINT_P(caller->p_endpoint);
else
if (! isokendpt(endpt, &proc_nr))
return(EINVAL);
targetpr = proc_addr(proc_nr);
/* Verify grantee endpoint */
if (grantee == SELF) {
grantee = caller->p_endpoint;
} else if (grantee == NONE ||
grantee == ANY ||
seg_index != MEM_GRANT ||
!isokendpt(grantee, &proc_nr_grantee)) {
return EINVAL;
}
/* See which mapping should be made. */
switch(seg_type) {
case LOCAL_SEG:
phys_addr = lin_addr = umap_local(targetpr, seg_index, offset, count);
if(!lin_addr) return EFAULT;
naughty = 1;
break;
case LOCAL_VM_SEG:
if(seg_index == MEM_GRANT) {
vir_bytes newoffset;
endpoint_t newep;
int new_proc_nr;
cp_grant_id_t grant = (cp_grant_id_t) offset;
if(verify_grant(targetpr->p_endpoint, grantee, grant, count,
0, 0, &newoffset, &newep) != OK) {
printf("SYSTEM: do_umap: verify_grant in %s, grant %d, bytes 0x%lx, failed, caller %s\n", targetpr->p_name, offset, count, caller->p_name);
proc_stacktrace(caller);
return EFAULT;
}
if(!isokendpt(newep, &new_proc_nr)) {
printf("SYSTEM: do_umap: isokendpt failed\n");
return EFAULT;
}
/* New lookup. */
offset = newoffset;
targetpr = proc_addr(new_proc_nr);
seg_index = D;
}
if(seg_index == T || seg_index == D || seg_index == S) {
phys_addr = lin_addr = umap_local(targetpr, seg_index, offset, count);
} else {
printf("SYSTEM: bogus seg type 0x%lx\n", seg_index);
return EFAULT;
}
if(!lin_addr) {
printf("SYSTEM:do_umap: umap_local failed\n");
return EFAULT;
}
if(vm_lookup(targetpr, lin_addr, &phys_addr, NULL) != OK) {
printf("SYSTEM:do_umap: vm_lookup failed\n");
return EFAULT;
}
if(phys_addr == 0)
panic("vm_lookup returned zero physical address");
break;
default:
printf("umap: peculiar type\n");
return EINVAL;
}
if(vm_running && vm_lookup_range(targetpr, lin_addr, NULL, count) != count) {
printf("SYSTEM:do_umap: not contiguous\n");
return EFAULT;
}
m_ptr->CP_DST_ADDR = phys_addr;
if(naughty || phys_addr == 0) {
printf("kernel: umap 0x%x done by %d / %s, pc 0x%lx, 0x%lx -> 0x%lx\n",
seg_type, caller->p_endpoint, caller->p_name,
caller->p_reg.pc, offset, phys_addr);
printf("caller stack: ");
proc_stacktrace(caller);
}
return (phys_addr == 0) ? EFAULT: OK;
}
/*===========================================================================*
* do_vumap *
*===========================================================================*/
int do_vumap(struct proc *caller, message *m_ptr)
{
/* Map a vector of grants or local virtual addresses to physical addresses.
* Designed to be used by drivers to perform an efficient lookup of physical
* addresses for the purpose of direct DMA from/to a remote process.
*/
endpoint_t endpt, source, granter;
struct proc *procp;
struct vumap_vir vvec[MAPVEC_NR];
struct vumap_phys pvec[MAPVEC_NR];
vir_bytes vaddr, paddr, vir_addr;
phys_bytes phys_addr;
int i, r, proc_nr, vcount, pcount, pmax, access;
size_t size, chunk, offset;
endpt = caller->p_endpoint;
/* Retrieve and check input parameters. */
source = m_ptr->VUMAP_ENDPT;
vaddr = (vir_bytes) m_ptr->VUMAP_VADDR;
vcount = m_ptr->VUMAP_VCOUNT;
offset = m_ptr->VUMAP_OFFSET;
access = m_ptr->VUMAP_ACCESS;
paddr = (vir_bytes) m_ptr->VUMAP_PADDR;
pmax = m_ptr->VUMAP_PMAX;
if (vcount <= 0 || pmax <= 0)
return EINVAL;
if (vcount > MAPVEC_NR) vcount = MAPVEC_NR;
if (pmax > MAPVEC_NR) pmax = MAPVEC_NR;
/* Convert access to safecopy access flags. */
switch (access) {
case VUA_READ: access = CPF_READ; break;
case VUA_WRITE: access = CPF_WRITE; break;
case VUA_READ|VUA_WRITE: access = CPF_READ|CPF_WRITE; break;
default: return EINVAL;
}
/* Copy in the vector of virtual addresses. */
size = vcount * sizeof(vvec[0]);
if (data_copy(endpt, vaddr, KERNEL, (vir_bytes) vvec, size) != OK)
return EFAULT;
pcount = 0;
/* Go through the input entries, one at a time. Stop early in case the output
* vector has filled up.
*/
for (i = 0; i < vcount && pcount < pmax; i++) {
size = vvec[i].vv_size;
if (size <= offset)
return EINVAL;
size -= offset;
if (source != SELF) {
r = verify_grant(source, endpt, vvec[i].vv_grant, size, access,
offset, &vir_addr, &granter);
if (r != OK)
return r;
} else {
vir_addr = vvec[i].vv_addr + offset;
granter = endpt;
}
okendpt(granter, &proc_nr);
procp = proc_addr(proc_nr);
/* Each virtual range is made up of one or more physical ranges. */
while (size > 0 && pcount < pmax) {
chunk = vm_lookup_range(procp, vir_addr, &phys_addr, size);
if (!chunk) {
/* Try to get the memory allocated, unless the memory
* is supposed to be there to be read from.
*/
if (access & CPF_READ)
return EFAULT;
/* This call may suspend the current call, or return an
* error for a previous invocation.
*/
return vm_check_range(caller, procp, vir_addr, size);
}
pvec[pcount].vp_addr = phys_addr;
pvec[pcount].vp_size = chunk;
pcount++;
vir_addr += chunk;
size -= chunk;
}
offset = 0;
}
/* Copy out the resulting vector of physical addresses. */
assert(pcount > 0);
size = pcount * sizeof(pvec[0]);
r = data_copy_vmcheck(caller, KERNEL, (vir_bytes) pvec, endpt, paddr, size);
if (r == OK)
m_ptr->VUMAP_PCOUNT = pcount;
return r;
}
/*===========================================================================*
* do_sdevio *
*===========================================================================*/
PUBLIC int do_sdevio(struct proc * caller, message *m_ptr)
{
vir_bytes newoffset;
endpoint_t newep;
int proc_nr;
endpoint_t proc_nr_e = m_ptr->DIO_VEC_ENDPT;
vir_bytes count = m_ptr->DIO_VEC_SIZE;
long port = m_ptr->DIO_PORT;
phys_bytes phys_buf;
int i, req_type, req_dir, size, nr_io_range;
struct priv *privp;
struct io_range *iorp;
struct proc *destproc;
int retval;
/* Allow safe copies and accesses to SELF */
if ((m_ptr->DIO_REQUEST & _DIO_SAFEMASK) != _DIO_SAFE &&
proc_nr_e != SELF)
{
static int first= 1;
if (first)
{
first= 0;
printf("do_sdevio: for %d, req %d\n",
m_ptr->m_source, m_ptr->DIO_REQUEST);
}
}
/* Check if process endpoint is OK.
* A driver may directly provide a pointer to a buffer at the user-process
* that initiated the device I/O. Kernel processes, of course, are denied.
*/
if (proc_nr_e == SELF)
proc_nr = _ENDPOINT_P(caller->p_endpoint);
else
if(!isokendpt(proc_nr_e, &proc_nr))
return(EINVAL);
if (iskerneln(proc_nr)) return(EPERM);
/* Extract direction (in or out) and type (size). */
req_dir = m_ptr->DIO_REQUEST & _DIO_DIRMASK;
req_type = m_ptr->DIO_REQUEST & _DIO_TYPEMASK;
/* Check for 'safe' variants. */
if((m_ptr->DIO_REQUEST & _DIO_SAFEMASK) == _DIO_SAFE) {
/* Map grant address to physical address. */
if(verify_grant(proc_nr_e, caller->p_endpoint,
(cp_grant_id_t) m_ptr->DIO_VEC_ADDR,
count,
req_dir == _DIO_INPUT ? CPF_WRITE : CPF_READ,
(vir_bytes) m_ptr->DIO_OFFSET,
&newoffset, &newep) != OK) {
printf("do_sdevio: verify_grant failed\n");
return EPERM;
}
if(!isokendpt(newep, &proc_nr))
return(EINVAL);
destproc = proc_addr(proc_nr);
if ((phys_buf = umap_local(destproc, D,
(vir_bytes) newoffset, count)) == 0) {
printf("do_sdevio: umap_local failed\n");
return(EFAULT);
}
} else {
if(proc_nr != _ENDPOINT_P(caller->p_endpoint))
{
printf("do_sdevio: unsafe sdevio by %d in %d denied\n",
caller->p_endpoint, proc_nr_e);
return EPERM;
}
/* Get and check physical address. */
if ((phys_buf = umap_local(proc_addr(proc_nr), D,
(vir_bytes) m_ptr->DIO_VEC_ADDR, count)) == 0)
return(EFAULT);
destproc = proc_addr(proc_nr);
}
/* current process must be target for phys_* to be OK */
switch_address_space(destproc);
switch (req_type)
{
case _DIO_BYTE: size= 1; break;
case _DIO_WORD: size= 2; break;
case _DIO_LONG: size= 4; break;
default: size= 4; break; /* Be conservative */
}
privp= priv(caller);
if (privp && privp->s_flags & CHECK_IO_PORT)
{
port= m_ptr->DIO_PORT;
nr_io_range= privp->s_nr_io_range;
for (i= 0, iorp= privp->s_io_tab; i<nr_io_range; i++, iorp++)
{
if (port >= iorp->ior_base && port+size-1 <= iorp->ior_limit)
break;
}
if (i >= nr_io_range)
{
printf(
"do_sdevio: I/O port check failed for proc %d, port 0x%x\n",
m_ptr->m_source, port);
retval = EPERM;
goto return_error;
}
}
if (port & (size-1))
{
printf("do_devio: unaligned port 0x%x (size %d)\n", port, size);
retval = EPERM;
goto return_error;
}
/* Perform device I/O for bytes and words. Longs are not supported. */
if (req_dir == _DIO_INPUT) {
switch (req_type) {
case _DIO_BYTE: phys_insb(port, phys_buf, count); break;
case _DIO_WORD: phys_insw(port, phys_buf, count); break;
default:
retval = EINVAL;
goto return_error;
}
} else if (req_dir == _DIO_OUTPUT) {
switch (req_type) {
case _DIO_BYTE: phys_outsb(port, phys_buf, count); break;
case _DIO_WORD: phys_outsw(port, phys_buf, count); break;
default:
retval = EINVAL;
goto return_error;
}
}
else {
retval = EINVAL;
goto return_error;
}
retval = OK;
return_error:
/* switch back to the address of the process which made the call */
switch_address_space(caller);
return retval;
}
